On Fri, 23 Jun 2023 at 23:15, Julia Lawall <Julia.Lawall@xxxxxxxx> wrote:
>
> Use array_size to protect against multiplication overflows.
>
> The changes were done using the following Coccinelle semantic patch:
>
> // <smpl>
> @@
> expression E1, E2;
> constant C1, C2;
> identifier alloc = {vmalloc,vzalloc};
> @@
>
> (
> alloc(C1 * C2,...)
> |
> alloc(
> - (E1) * (E2)
> + array_size(E1, E2)
> ,...)
> )
> // </smpl>
>
> Signed-off-by: Julia Lawall <Julia.Lawall@xxxxxxxx>
Reviewed-by: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
> ---
> kernel/kcov.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/kcov.c b/kernel/kcov.c
> index 84c717337df0..631444760644 100644
> --- a/kernel/kcov.c
> +++ b/kernel/kcov.c
> @@ -900,7 +900,7 @@ void kcov_remote_start(u64 handle)
> /* Can only happen when in_task(). */
> if (!area) {
> local_unlock_irqrestore(&kcov_percpu_data.lock, flags);
> - area = vmalloc(size * sizeof(unsigned long));
> + area = vmalloc(array_size(size, sizeof(unsigned long)));
> if (!area) {
> kcov_put(kcov);
> return;
>
